patch-2.6.6-vs1.9.1

[linux-2.6.git] / fs / namespace.c

diff --git a/fs/namespace.c b/fs/namespace.c
index dfeac21..fa8b30e 100644 (file)
--- a/fs/namespace.c
+++ b/fs/namespace.c
@@ -691,7 +691,7 @@ static int do_add_mount(struct nameidata *nd, char *type, int flags,
                return -EINVAL;
 
        /* we need capabilities... */
-       if (!capable(CAP_SYS_ADMIN))
+       if (!capable(CAP_SYS_ADMIN) && !vx_ccaps(VXC_SECURE_MOUNT))
                return -EPERM;
 
        mnt = do_kern_mount(type, flags, name, data);